Mailing List Archive

gpg on windows
Hello ...

I am new to this list and I have a few questions :)
1)
I am trying to use gpg under windows. My first question is of security. In
the manual it says that random number generation is not tested under
windows. I was wondering if I import a public/private key pair from a linux
machine (which should have secure algorithms) would that remedy the problem?

2) Just a note ...
If I encrypt a file to be read only by a certain user is the whole file
getting encrypted using public/private algorithm or does gpg generate a
symmetric key and just encrypts that and stores it at the beginning of the
file ?

3) Doubt anybody knows but ...
Is there a way to force windows mail clients to have an outgoing filter? ex:
OutlookExpress. If not is there any other way to have them work w/ gpg?

4)
When I use gpg it displays a msg that I do not have secure memory, what
exactly does that mean? Is it referring to swap or what?


Any info is welcome!

Thanks,

eugene

PS: Please do not flame me for using windows. 2 of my 3 computers are linux
and use gpg quite happily, I'd just like to have at least some security on
windows as well.
Re: gpg on windows
Eugene Cheipesh <eugene@wallstreetnet.com> writes:

> I am trying to use gpg under windows. My first question is of security. In
> the manual it says that random number generation is not tested under
> windows. I was wondering if I import a public/private key pair from a linux
> machine (which should have secure algorithms) would that remedy the problem?

Importing and exporting is not a problem. But as soon as you use a
secret key and especially if you _sign_ a message you have to care
about the RNG - a bad RNG may leak out your secret key.

I think the Windows RNG is pretty good and not worse than the one other
security software uses.

> If I encrypt a file to be read only by a certain user is the whole file
> getting encrypted using public/private algorithm or does gpg generate a
> symmetric key and just encrypts that and stores it at the beginning of the
> file ?

Yes. The performance of symmetric algorithms is by some orders of
magnitude higher than the one of public key algorithms. No encryption
program uses a public key algorithm to encrypt bulk data.

> 3) Doubt anybody knows but ...
> Is there a way to force windows mail clients to have an outgoing filter? ex:
> OutlookExpress. If not is there any other way to have them work w/ gpg?

I hope there is a way as I am going to do something like this. AFAIK
there is some plugin for PGP.

> When I use gpg it displays a msg that I do not have secure memory, what
> exactly does that mean? Is it referring to swap or what?

See the man page; about the last section. Yes, it refers to paging
memory out to disk. You get rid of the warning by putting a
"no-secmem-warning" into your ~/.gnupg/options file.

> PS: Please do not flame me for using windows. 2 of my 3 computers are linux

No problem. MS-Windows is not the primary goal but on popular demand
(and by getting paid for it) I did this port and will continue to work
on it.


--
Werner Koch at guug.de www.gnupg.org keyid 621CC013
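
The secure-memory point in the reply above (secret data being paged out to disk), shown as an added C example for POSIX systems; it is not part of the original thread and not GnuPG's own code. The names `secbuf`, `secbuf_alloc` and `secbuf_free` are hypothetical, and the sample secret is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

/* Hypothetical type for this example: a buffer meant to hold secret data. */
typedef struct {
    void  *ptr;    /* page-aligned storage */
    size_t len;    /* size, rounded up to whole pages */
    int    locked; /* 1 if mlock() pinned it in RAM, 0 if it may be swapped */
} secbuf;

/* Allocate whole pages and try to pin them. Returns 0 on success, -1 if no
 * memory was obtained. A failed mlock() only warns; the buffer stays usable. */
int secbuf_alloc(secbuf *b, size_t want)
{
    long pg = sysconf(_SC_PAGESIZE);
    if (pg <= 0 || want == 0) return -1;
    b->len = (want + (size_t)pg - 1) / (size_t)pg * (size_t)pg;
    b->ptr = aligned_alloc((size_t)pg, b->len);
    if (b->ptr == NULL) return -1;
    b->locked = (mlock(b->ptr, b->len) == 0);
    if (!b->locked)
        fprintf(stderr, "warning: secret buffer is not locked in RAM\n");
    return 0;
}

/* Wipe the secret before the pages are unlocked and returned to the heap.
 * The volatile pointer keeps the compiler from optimising the wipe away. */
void secbuf_free(secbuf *b)
{
    if (b->ptr == NULL) return;
    volatile unsigned char *p = b->ptr;
    for (size_t i = 0; i < b->len; i++) p[i] = 0;
    if (b->locked) munlock(b->ptr, b->len);
    free(b->ptr);
    b->ptr = NULL; b->len = 0; b->locked = 0;
}

int main(void)
{
    secbuf b;
    if (secbuf_alloc(&b, 64) != 0) return 1;
    memcpy(b.ptr, "constructed passphrase", 23); /* constructed sample secret */
    printf("locked in RAM: %s\n", b.locked ? "yes" : "no");
    secbuf_free(&b);
    return 0;
}
```

Whether `mlock()` succeeds depends on the process's locked-memory limit (`RLIMIT_MEMLOCK`) and privileges, which is why the example treats failure as a warning rather than an error.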